in setup_limit_to_central_vault.py [0:0]
def setup(centralaccount, centralvault, centralregion, policyname, policydescription):
try:
f = open("LimitBackupVaultSharingToCentralVault.json", "r")
policy = f.read()
logger.info('policy start is: ')
policy = policy.replace("<CentralAccountId>", centralaccount)
if centralvault is not None:
policy = policy.replace("<CentralVault>", centralvault)
else:
policy = policy.replace("<CentralVault>", "*")
if centralregion is not None:
policy = policy.replace("<CentralRegion>", centralregion)
else:
policy = policy.replace("<CentralRegion>", "*")
logger.info('Policy being applied is: {}'.format(policy))
client = boto3.client('organizations')
create_scp_info = {'Content': policy,
'Description': policydescription,
'Name': policyname,
'Type': 'SERVICE_CONTROL_POLICY',
'Tags': [
{
'Key': 'string',
'Value': 'string'
}
]
}
response = client.create_policy(**create_scp_info)
logger.info("Response: {}".format(response))
except Exception as e:
# If any other exceptions which we didn't expect are raised
# then fail and log the exception message.
logger.error('Error applying service control policy: {}'.format(e))
raise